A recent report from the United Nations' working group on Internet governance (WGIG) suggests that the debate over the topic might be entering a more placid period. Notably, the reports recommendations don't include immediate and draconian changes to the currentarchitecture or oversight mechanism, but the status quo isn't likely to exist forever.

A recent report from the United Nations' working group on Internet governance (WGIG) suggests that the debate over the topic might be entering a more placid period. Notably, the reports recommendations don't include immediate and draconian changes to the current architecture or oversight mechanism.

On the other hand, those at the highest levels of oversight don't expect the status quo to last forever. Technologists are also concerned that governments will try to replace technical solutions that work, albeit imperfectly — excluding those unable to use Roman character sets, for example — with politically expedient solutions that could cause technological nightmares.

Seeking Global Consensus

The debate's nuances will come to the forefront of discussion in the time leading up to the second phase of the World Summit on the Information Society, which is scheduled for 16 to 18 November in Tunis ( www.itu.int/wsis/). Markus Kummer, executive coordinator for the UN working group ( www.wgig.org), says he's heartened by the fact that people even recognize that there are nuances now, following acrimonious discussion leading up to the world summit's first phase in Geneva in 2003.

"We had very much what I would call a black-and-white picture," Kummer says. "One side said, 'Everything is fine. There's no real governance issue; it works beautifully,' and the other side said, 'Yes, but it's not legitimate. It needs to be changed. It ought to be governed in the form of traditional international covenants and arrangements.' By that, they mean clearly traditional intergovernmental organizations where governments have a lead and sit at the top of the table, perhaps deciding to let in some of the other stakeholders, such as civil society and the private sector. So this was clearly a clash of two different visions of how to run the world in general and how to run the Internet in particular."

The way out of the deadlock, Kummer says, was to ask the UN Secretary General to set up the WGIG. This was, by no means, a mandate to come up with a new model and architecture; instead, it was a mandate to investigate ways to reach global consensus. The group had three main issues to address:

• come up with a working definition of exactly what Internet governance is;

• define relevant public policy issues; and

• develop an understanding of the respective roles and responsibilities of the various actors, including governments, the private sector, civil society, and technological standards bodies.

Vinton Cerf, chair of the board of the Internet Corporation for Assigned Names and Numbers, praises both Kummer and working group chair Nitin Desai for reducing the level of acrimony directed toward ICANN during the first phase of the WSIS.

"On the whole, I thought the focus moved away from the discussions in WSIS 1 and initial discussions at WGIG from a total focus on ICANN to a much broader set of Internet governance issues written large," Cerf says, "issues, which are not in the purview of ICANN and are still a great concern and of public interest: fraud and abuse and all the other things that can happen on the Internet — not just in domain names but elsewhere."

The Product and the Process

The 40-member working group released its report on 18 July, featuring four options for restructuring global Internet oversight ( www.wgig.org/docs/WGIGREPORT.pdf). Although three of the four describe a greatly diminished role for ICANN and the US government, the report doesn't echo the amount of criticism expressed in Geneva in 2003.

"I'm actually relieved that the outcome of the WGIG was fairly constructive, and I think it actually gave ICANN an opportunity to educate people about how ICANN works and what its parts are — what its objectives are — and I don't think that was well understood in the past," Cerf says. "That led to an awful lot of misunderstanding and speculation."

Kummer concurs with Cerf to a large degree.

"ICANN came out of this exam quite well, except [regarding] the question of whether it is truly multilateral in the classical sense of basically being an intergovernmental organization, and in that sense, ICANN is truly not a multilateral organization. It is certainly international in a sense — its board is international, its staff is international — but it's not multilateral in the classical sense that governments sit on the board and make the ultimate decisions."

Ironically, Kummer says the WGIG strayed from the usually elaborate diplomatic protocol (in which government representatives from regional groups speak first, followed by those from individual nations, with nongovernmental entities allowed to participate almost as an afterthought) to one more akin to the open discussions of ICANN meetings in eliciting comments. The working group is actually as proud of the discussion process as the finished report itself.

Kummer says the openness of the process might best be symbolized by the first person to address the working group at its last meeting preceding the report's release: rather than following the usual UN pecking order, the WGIG heard first from IETF Chair Brian Carpenter.

"Brian's observations were excellent statements," says Kummer. "But I think it was also a nice symbol that it wasn't any government actor, but an eminent engineer who was first to address the assembly, and the amazing thing was, nobody objected to that. In this sense, it already shows great progress, that government actors realized nongovernment actors have substantive contributions to make in the debate. The private sector and civil society clearly showed their legitimacy through their competence."

The question of whether the air of hopefulness can survive the next round of WSIS will probably center on how patiently governments that currently have little or no role in Internet policy allow a gradual transition from the current US-based policymaking structure. Additionally, the Internet community will have to find a way to align the intramural interests of registries, backbone providers, and ISPs, many of which have been sharply critical of ICANN's unilateral administration of the DNS. Demand is expanding worldwide for Internet access. At this point, policymakers and even savvy end users who don't follow the debates over issues such as which companies receive lucrative control over top-level domains just see an Internet that works well. By and large, as long as the power lines and telecom lines are working, people who are used to getting online can do so most of the time.

The Internet's overall robustness has, however, led many of these same nontechnical parties to demand quick changes or implementation of technologies such as internationalized domain names (IDN), without taking into account the devilish complexity involved; both Cerf and Kummer say issues such as IDN are examples of how communications failures between technical people and policymakers still hamper convivial relationships.

One vehicle the WGIG report suggested to address the need of cross-organizational communication is an international forum, preferably linked to the UN, and envisioned to consist of stakeholders from all sectors including developed and developing nations. Such a forum would place policy discussions under an internationally recognized format and reduce the dependence on ICANN's Governmental Advisory Committee (GAC), which Cerf admits can be a burden for developing nations to attend.

"We have regularly tried to persuade all the governments to participate in the ICANN GAC in those areas where ICANN has responsibility," he says. "Those efforts have had mixed success. We now have on the order of 100 countries participating, but that's only about half of all there are, so that means we still have some bridges to build. It's always a problem of money — travel costs, things like that. It may be that some regionalization of the activity would help."

US Position: Wild Card or Monkey Wrench?

Just three weeks prior to the WGIG report's release, Assistant Secretary of Commerce Michael Gallagher announced US principles on the Internet's Domain Name and Addressing System ( www.ntia.doc.gov/ntiahome/domainname/USDNSprinciples_06302005.htm). The terse statement has been a topic of much speculation in the intervening period — read as either a nationalist-centered line in the sand dismissing international concerns or a statement reaffirming cautious oversight while the discussion wends its way through the WSIS process.

Among the principles mentioned were two that signaled the US might be in no mood to abdicate its current role as the ultimate overseer of the DNS and root:

"Given the Internet's importance to the world's economy, it is essential that the underlying DNS of the Internet remain stable and secure. As such, the United States is committed to taking no action that would have the potential to adversely impact the effective and efficient operation of the DNS and will therefore maintain its historic role in authorizing changes or modifications to the authoritative root zone file."

and

"The United States continues to support the ongoing work of ICANN as the technical manager of the DNS and related technical operations and recognizes the progress it has made to date. The United States will continue to provide oversight so that ICANN maintains its focus and meets its core technical mission."

The statements run directly contrary to the WGIG report's statement that "no single government should have a preeminent role in relation to international Internet governance," but the clash's likely end result has been one of the central topics among Internet policy mavens since the two documents were issued.

Cerf says he thinks the US statement causing the most concern was its intention to maintain its role in authorizing root zone file changes. He suggests that the statement could be interpreted in two ways — that the US government has no intention of releasing control of DNS when the current memorandum of understanding with ICANN expires in September 2006, or, conversely, that with no idea of what either the WGIG report or the WSIS conference might yield, the US felt it prudent to issue an ambiguous statement pledging to protect the stability of the DNS and root zone file.

That said, Cerf believes the latter is "a charitable interpretation, because many people around the world are exercised about the US government's international posture."

Kummer says that, despite what might be bandied about in public, the central political players do recognize that change will be slow in coming.

"I did my best from the very beginning in expectation management," Kummer says. "I said, 'Look, time is short and don't expect we'll end up in Tunis with a complete overhaul of the architecture of existing arrangements.' That would be naïve."

Greg Goth is a freelance technology writer based in Connecticut.

News in Brief

The US Federal Communications Commission issued a final ruling in August that extends wiretapping under the 1994 Communications Assistance for Law Enforcement Act (CALEA) to include certain providers of broadband Internet access and voice-over-IP services. The FCC's reasoning is that such services "essentially replace conventional technologies currently subject to wiretap rules." The ruling affects facilities-based broadband Internet access service providers and VoIP providers with services that let users call into or receive calls from the public switched telephone network. The carriers have 18 months to comply with design mandates. According to the Center for Democracy and Technology, the FCC's ruling exceeds CALEA's terms and threatens both Internet users' privacy and ease of innovation. CDT is considering a court challenge.

The FCC announcement is available at http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-260434A1.doc.

The CDT's CALEA overview is at www.cdt.org/digi_tele.

IBM, Microsoft, RSA Security, and VeriSign have released an updated version of the Web Services Security Policy Language specification. WS-SecurityPolicy defines security policy assertions that apply to SOAP Message Security, WS-Trust, and WS-SecureConversation. WS-SecurityPolicy 1.1 updates the December 2002 release and will be submitted to Oasis ( www.oasis-open.org) in September for standardization, along with WS-Trust and WS-SecureConversation.

The new specification is available at http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf.

IBM offers an overview of WS-SecurityPolicy at http://www-128.ibm.com/developerworks/library/specification/ws-secpol.

The solar-powered Wi-Fi concept received a significant boost in July when Lumin Innovative Products deployed solar-powered Internet access points in Boulder, Colorado's busy Pearl Street Mall outdoor shopping district. Lumin's four LightWave AP-1000 dual-panel units offer visitors free wireless Internet access throughout a tree-lined, six-block area. Given clear line of sight, the company says each access point has a range of up to 30 miles. Another outdoor shopping district in downtown Denver is working on plans for a similar network.

Further information is available at www.luminip.com.

The IETF released Atom Syndication Format version 10 in July, declaring it an appropriate basis for implementing Atom 1.0. Atom is an XML-based Web content and metadata syndication format that describes lists of related information (feeds). As with the competing Really Simple Syndication technology, Atom's primary use case is syndicating weblogs, news headlines, and other Web content to Web sites and users.

The Atom Format draft is available at www.ietf.org/internet-drafts/draft-ietf-atompub-format-10.txt.

A comparison of Atom 1.0 and RSS 2.0 is at www.intertwingly.net/wiki/pie/Rss20AndAtom10Compared.

Open Source Development Labs has announced a Patent Commons Project to help open-source developers avoid patent infringements. The initial project plans include a library and database that aggregate patent pledges, along with an aggregation of other legal solutions, including indemnification programs offered by open-source software vendors. OSDL also plans to offer a collection of software patent licenses and software patents (issued and pending) held for the open-source community's benefit.

More information is available at www.osdl.org/newsroom/press_releases/2005/2005_08_09_beaverton.html.